private void setupKeys() { ParametersWithIV tempPram = null; try{ KeyParameter cipherKey = new KeyParameter(KeyGenUtils.deriveSecretKey(unencryptedBaseKey, EncryptedRandomAccessBuffer.class, kdfInput.underlyingKey.input, type.encryptKey).getEncoded()); tempPram = new ParametersWithIV(cipherKey, KeyGenUtils.deriveIvParameterSpec(unencryptedBaseKey, EncryptedRandomAccessBuffer.class, kdfInput.underlyingIV.input, type.encryptKey).getIV()); } catch(InvalidKeyException e) { throw new IllegalStateException(e); // Must be a bug. } this.cipherParams = tempPram; }
/** * Creates a new MasterSecret. */ public MasterSecret(){ masterKey = KeyGenUtils.genSecretKey(KeyType.HMACSHA512); }
/** * Derives a IvParameterSpec of the specified type from the given key using the provided class * name and kdfString * @param kdfKey The key to derive from * @param c Class name to use in derivation * @param kdfString String to use in derivation * @param ivType The type of IV to derive * @return The derived IV as an IvParameterSpec * @throws InvalidKeyException */ public static IvParameterSpec deriveIvParameterSpec(SecretKey kdfKey, Class<?> c, String kdfString, KeyType ivType) throws InvalidKeyException{ return getIvParameterSpec(deriveBytesTruncated(kdfKey, c, kdfString, ivType.ivSize >> 3)); } }
/** * Converts a specified key for a specified algorithm to a PublicKey which is then stored in * a KeyPair. The private key of the KeyPair is null. Can not handle DSA keys. * @param type The type of key being passed in * @param pub Public key as byte[] * @return Public key as KeyPair with a null private key */ public static KeyPair getPublicKeyPair(KeyPairType type, byte[] pub) { return getKeyPair(getPublicKey(type, pub), null); }
/** * Derives a SecretKey of the specified type from the given key using the provided class name * and kdfString * @param kdfKey The key to derive from * @param c Class name to use in derivation * @param kdfString String to use in derivation * @param type The type of key to derive * @return The derived key as a SecretKey * @throws InvalidKeyException */ public static SecretKey deriveSecretKey(SecretKey kdfKey, Class<?> c, String kdfString, KeyType type) throws InvalidKeyException{ return getSecretKey(type, deriveBytesTruncated(kdfKey, c, kdfString, type.keySize >> 3)); }
@Test (expected = NullPointerException.class) public void testDeriveSecretKeyNullInput2() throws InvalidKeyException{ SecretKey kdfKey = KeyGenUtils.getSecretKey(KeyType.HMACSHA512, trueLengthSecretKeys[6]); KeyGenUtils.deriveSecretKey(kdfKey, null, kdfInput, KeyType.ChaCha128); }
@Test (expected = NullPointerException.class) public void testDeriveIvParameterSpecNullInput3() throws InvalidKeyException{ SecretKey kdfKey = KeyGenUtils.getSecretKey(KeyType.HMACSHA512, trueLengthSecretKeys[6]); KeyGenUtils.deriveIvParameterSpec(kdfKey, KeyGenUtils.class, null, KeyType.ChaCha128); }
this.headerEncIV = KeyGenUtils.genIV(type.encryptType.ivSize).getIV(); this.unencryptedBaseKey = KeyGenUtils.genSecretKey(type.encryptKey); writeHeader(); } else { KeyParameter cipherKey = new KeyParameter(KeyGenUtils.deriveSecretKey(unencryptedBaseKey, getClass(), kdfInput.underlyingKey.input, type.encryptKey).getEncoded()); tempPram = new ParametersWithIV(cipherKey, KeyGenUtils.deriveIvParameterSpec(unencryptedBaseKey, getClass(), kdfInput.underlyingIV.input, type.encryptKey).getIV()); } catch(InvalidKeyException e) {
/** * Creates an instance of MessageAuthCode that will use the specified algorithm and * key which is converted from a byte[] to a SecretKey. Must not be used on algorithms that * require an IV, as a specified key but a random IV is probably not useful for an HMAC. * @param type The MAC algorithm to use * @param cryptoKey The key to use * @throws InvalidKeyException */ public MessageAuthCode(MACType type, byte[] cryptoKey) throws InvalidKeyException { this(type, KeyGenUtils.getSecretKey(type.keyType, cryptoKey)); }
/** * Converts the specified keys for a specified algorithm to PrivateKey and PublicKey * respectively. These are then placed in a KeyPair. Can not handle DSA keys. * @param type The type of key being passed in * @param pub Public key as ByteBuffer * @param pri Private key as ByteBuffer * @return The public key and private key in a KeyPair */ public static KeyPair getKeyPair(KeyPairType type, ByteBuffer pub, ByteBuffer pri) { return getKeyPair(type, Fields.copyToArray(pub), Fields.copyToArray(pri)); }
if (isJava7()) { kf = KeyFactory.getInstance(type.alg, bcProvider); } else { PublicKey pubK = getPublicKey(type, pub); return getKeyPair(pubK, privK); } catch (UnsupportedTypeException e) { throw new Error(e); // Should be impossible
/** * Converts a specified key for a specified algorithm to a PublicKey. Can not handle DSA keys. * @param type The type of key being passed in * @param pub Public key as ByteBuffer * @return Public key as PublicKey */ public static PublicKey getPublicKey(KeyPairType type, ByteBuffer pub){ return getPublicKey(type, Fields.copyToArray(pub)); }
private SkippingStreamCipher setup(OutputStream os) throws GeneralSecurityException, IOException { this.headerEncIV = KeyGenUtils.genIV(type.encryptType.ivSize).getIV(); this.unencryptedBaseKey = KeyGenUtils.genSecretKey(type.encryptKey); writeHeader(os); setupKeys(); SkippingStreamCipher cipherWrite = this.type.get(); cipherWrite.init(true, cipherParams); return cipherWrite; }
/** * Converts a specified key for a specified algorithm to a PublicKey which is then stored in * a KeyPair. The private key of the KeyPair is null. Can not handle DSA keys. * @param type The type of key being passed in * @param pub Public key as ByteBuffer * @return Public key as KeyPair with a null private key */ public static KeyPair getPublicKeyPair(KeyPairType type, ByteBuffer pub) { return getPublicKeyPair(type, Fields.copyToArray(pub)); }
@Test (expected = IllegalArgumentException.class) public void testGetIvParameterSpecNullInput() { KeyGenUtils.getIvParameterSpec(null, 0, trueIV.length); }
/** * Generates a new IV to be used and initializes the cipher instances with * the new iv. Only works with algorithms that support IVs, not RijndaelPCFB. * @return The generated IV */ public IvParameterSpec genIV(){ if(!type.hasIV()){ throw new UnsupportedTypeException(type); } this.iv = KeyGenUtils.genIV(type.ivSize); try { encryptCipher.init(Cipher.ENCRYPT_MODE, this.key, this.iv); decryptCipher.init(Cipher.DECRYPT_MODE, this.key, this.iv); } catch (InvalidKeyException e) { throw new IllegalArgumentException(e); // Definitely a bug ... } catch (InvalidAlgorithmParameterException e) { throw new IllegalArgumentException(e); // Definitely a bug ... } return iv; }
/** * Derives a SecretKey of the specified type from the MasterSecret. * @param type The type of key to derive * @return The derived key */ public SecretKey deriveKey(KeyType type){ try { return KeyGenUtils.deriveSecretKey(masterKey, getClass(), type.name()+" key", type); } catch (InvalidKeyException e) { throw new IllegalStateException(e); // Definitely a bug. } }
/** * Derives a IvParameterSpec of the specified type from the MasterSecret. * @param type The type of iv to derive * @return The derived iv */ public IvParameterSpec deriveIv(KeyType type){ try { return KeyGenUtils.deriveIvParameterSpec(masterKey, getClass(), type.name()+" iv", type); } catch (InvalidKeyException e) { throw new IllegalStateException(e); // Definitely a bug. } }
/** * Derives a ByteBuffer of the specified length from the given key using the provided class name * and kdfString * @param kdfKey The key to derive from * @param c Class name to use in derivation * @param kdfString String to use in derivation * @param len How long the new ByteBuffer should be. * @return A ByteBuffer of the specified length * @throws InvalidKeyException */ private static ByteBuffer deriveBytesTruncated(SecretKey kdfKey, Class<?> c, String kdfString, int len) throws InvalidKeyException{ byte[] key = new byte[len]; deriveBytes(kdfKey, c, kdfString).get(key); return ByteBuffer.wrap(key); }
@Test (expected = NullPointerException.class) public void testDeriveSecretKeyNullInput3() throws InvalidKeyException{ SecretKey kdfKey = KeyGenUtils.getSecretKey(KeyType.HMACSHA512, trueLengthSecretKeys[6]); KeyGenUtils.deriveSecretKey(kdfKey, KeyGenUtils.class, null, KeyType.ChaCha128); }